Abstract
Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model components quickly results in a large quantity of interrelations, which are hard to grasp. In this work we present several approaches for visualising attributes of attacks such as likelihood of success, impact, and required time or skill level. The resulting visualisations provide a link between attacks on an organisations and the contribution of parts of an organisation to the attack and its impact.
Original language | English |
---|---|
Title of host publication | Secure IT Systems |
Subtitle of host publication | 21st Nordic Conference, NordSec 2016, Oulu, Finland, November 2-4, 2016. Proceedings |
Place of Publication | London |
Publisher | Springer |
Pages | 54-66 |
Number of pages | 13 |
ISBN (Electronic) | 978-3-319-47560-8 |
ISBN (Print) | 978-3-319-47559-2 |
DOIs | |
Publication status | Published - 9 Oct 2016 |
Externally published | Yes |
Event | 21st Nordic Conference on Secure IT Systems, NordSec 2016 - University of Oulu, Oulu, Finland Duration: 2 Nov 2016 → 4 Nov 2016 Conference number: 21 http://nordsec.oulu.fi/ |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer International Publishing |
Volume | 10014 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 21st Nordic Conference on Secure IT Systems, NordSec 2016 |
---|---|
Abbreviated title | NordSec |
Country/Territory | Finland |
City | Oulu |
Period | 2/11/16 → 4/11/16 |
Internet address |
Keywords
- EC Grant Agreement nr.: FP7/318003
- EC Grant Agreement nr.: FP7/2007-2013
- Leaf node
- Pareto frontier
- Attack model
- Attack trees
- Graphical attack